<?php

/* 
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
//判断有没有数据提交
session_start();
require("../db_conn.php");
if (isset($_POST))
{
   if ($_SESSION['code']==$_POST['yzm'])
   {
            //收集用户输入的数据
                $yhm=trim($_POST['yhm']);  //trim去掉字符串前后空格
                $mm=trim($_POST['mm']);  

                //比较用户输入的数据是否跟数据库中的用户信息相同
                $sql="select * from users where username='$yhm'";
                $rs=$db->query($sql);
                $row=$rs->fetch_assoc();
                if ($row)
                { 
                    //有这个用户,验证密码，密码正确跳转到后台页，密码不正确，跳转login.php

                    if($row['dlmm']==md5($mm))
                    {
                        //成功后产生标志
                        $_SESSION['userinfo']=$row;
                        header("Location:user.php");
                    }    
                    else 
                    {
                        echo "<script>alert('密码错误！');window.location.href='login.php'</script>";
                    }

                }
                else
                {
                    echo "<script>alert('用户名错误！');window.location.href='login.php'</script>";

                }
   }
  else {
       echo "<script>alert('验证码错误！');window.location.href='login.php'</script>";
   }
}
